2019-08-08 ~ 2019-08-11

Presentations (with video): 96 (77)

DEF CON (also written as DEFCON, Defcon or DC) is a hacker convention held annually in Las Vegas, Nevada. The first DEF CON took place in June 1993. Today, many attendees are computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, hardware modification, conference badges, and anything else that can be "hacked". The event consists of several tracks of speakers on computer- and hacking-related subjects, as well as cyber-security challenges and competitions (known as hacking wargames). Contests held during the event are extremely varied and can range from creating the longest Wi-Fi connection to finding the most effective way to cool a beer in the Nevada heat.

Conference:  Defcon 27
2019-08-01

tldr - powered by Generative AI

The presentation discusses the lack of authentication in various technologies and the need for increased security measures in smart TVs.
  • The lack of authentication in radio frequency, GPS, and mobile networks makes them vulnerable to attacks.
  • Smart TVs also lack proper security measures and need to have secure browsers and operating systems.
  • The presenter demonstrates how to inject a poisoned video and modify URLs through ARP poisoning and Metasploit.
  • The anecdote highlights the ease with which a user's browser can be compromised through a fake hook.
  • The main thesis is that increased authentication and security measures are necessary in various technologies to prevent cyber attacks.

Conference:  Defcon 27
2019-08-01

tldr - powered by Generative AI

The presentation discusses the existence of a secret website called SirK1 that allows anyone to track the location of any phone number without the target's knowledge or consent. The website is being used by bounty hunters, stalkers, and domestic abusers, and the lack of security measures on the website makes it vulnerable to abuse.
  • SirK1 is a secret website that allows anyone to track the location of any phone number without the target's knowledge or consent
  • The website is being used by bounty hunters, stalkers, and domestic abusers
  • The lack of security measures on the website makes it vulnerable to abuse
  • The website is not enforcing its two-IP rule, and some administrators may be reselling access to the system on the black market
  • The website does not send any warning to the target device being tracked, and the target has no idea they're being tracked at all

Conference:  Defcon 27
2019-08-01

tldr - powered by Generative AI

The presentation discusses the rise of hype bots and the use of shell scripting in purchasing streetwear and other high-demand items.
  • Hype bots have become a major force in purchasing high-demand items such as sneakers, shirts, and swag.
  • Shell scripting is often necessary to compete with AI-powered bots.
  • Companies are struggling to combat the use of bots in purchasing.
  • The internet was built for bots, and web developers must optimize their sites for robots.
  • Test-driven development is important for writing bots and optimizing checkout processes.
  • Capitalism encourages bad behavior in the purchasing of high-demand items.
  • Resellers control the market for high-demand items and mark up prices significantly.
  • Consumers encourage this behavior by being willing to pay exorbitant prices for these items.

Conference:  Defcon 27
2019-08-01

tldr - powered by Generative AI

The presentation discusses a method for exploiting vulnerabilities in Android's Wi-Fi system to gain control of the device's memory and execute arbitrary code.
  • The presenter describes a process for exploiting a vulnerability in Android's Wi-Fi system to gain control of the device's memory and execute arbitrary code
  • The process involves overriding a smart pointer in the Wi-Fi system and passing two tests to gain control
  • The presenter emphasizes the importance of understanding the code and identifying useful data points to successfully exploit vulnerabilities

Conference:  Defcon 27
2019-08-01

tldr - powered by Generative AI

Singularity is a tool for automating web application security testing and exploitation
  • Singularity can be used to scan for vulnerable hosts and services
  • Singularity provides a sample HTML attack automation file that is fully customizable
  • Singularity uses a WebSocket connection to hook victim browsers and perform service detection and auto exploitation
  • Singularity encountered challenges with cookies and HTTP authentication, but found workarounds

Conference:  Defcon 27
2019-08-01

tldr - powered by Generative AI

The presentation discusses various techniques to bypass locks and keys, and suggests remediation strategies to improve security.
  • Various techniques to bypass locks and keys were demonstrated, including bumping, impressioning, and decoding.
  • Remediation strategies to improve security include using mastered or sectional keyways, adding delays and motion sensors, and conducting forensics to detect tampering.
  • Locks and keys are still effective security measures, but should not be relied on as the sole means of protection.
  • Security should be airtight and robust, even if a master key is lost.
  • Forensics can be used to detect tampering and identify the specific technique used.

Conference:  Defcon 27
2019-08-01

tldr - powered by Generative AI

The presentation discusses the evolution of endpoint security solutions and the three main mechanisms used to protect against cyber attacks: static signatures, heuristic rules, and behavioral signatures.
  • Static signatures look for indications of compromise in binary sequences or strings in a file or memory dump.
  • Heuristic rules calculate a heuristic score based on properties of a file, such as location or API usage, to determine if it is malicious.
  • Behavioral signatures monitor API calls and analyze the impact of a piece of code on a system to detect unknown malware.
  • The presentation provides examples of creating static signatures and the limitations of relying solely on them.
  • The speaker also discusses the challenges of creating accurate behavioral signatures and the need for continued improvement in endpoint security solutions.

Conference:  Defcon 27
2019-08-01

tldr - powered by Generative AI

The presentation discusses a vulnerability found in Delta HVAC systems that can be exploited remotely, and the importance of cooperation between security researchers and vendors to fix such vulnerabilities.
  • Delta was cooperative in fixing the vulnerability
  • Cooperation between security researchers and vendors is necessary to fix vulnerabilities before malicious attacks can occur
  • The vulnerability can be exploited remotely using certain technology
  • Approximately 1600-1700 Delta devices worldwide were found to have the same vulnerability
  • A fully functional HVAC unit controlled by a Delta system was built to demonstrate the effectiveness of the attack

Conference:  Defcon 27
2019-08-01

tldr - powered by Generative AI

The presentation discusses the use of BPF (Berkeley Packet Filter) to build rootkits and modify syscalls in the kernel. It also covers the limitations and potential risks of using this approach.
  • BPF can be used to modify syscalls and redirect them to a different path
  • Careful filtering is necessary to avoid crashing the system
  • Persisting stack or heap data can help hide the modifications
  • Blackholing syscalls can be useful for reverse engineering
  • Non-writable pages cannot be modified using this approach

Conference:  Defcon 27
2019-08-01

tldr - powered by Generative AI

The presentation discusses the automated exploitation of vulnerable smart contracts on the Ethereum blockchain and the game-theoretic consequences of such exploits.
  • Introduction of Karl, an Ethereum blockchain monitor, and Scrooge McEtherface, an auto-exploitation bot that extracts Ether from vulnerable smart contracts
  • Use of symbolic execution to detect vulnerable states and construct exploit payloads using the Z3 constraint solver
  • Game-theoretic consequences of multiple bots competing for exploiting the same contracts and honeypots that counter-exploit bots
  • Demonstration of vulnerable contracts, honeypots, and counter-honeypots, and explanation of transaction ordering and frontrunning
  • Challenges for the audience to solve vulnerable smart contracts